CISA orders federal agencies to fix VMware CVE-2022-22972 and CVE-2022-22973 flaws
CISA orders federal agencies to fix VMware CVE-2022-22972 and CVE-2022-22973 vulnerabilities by May 23, 2022. The Cybersecurity and Infrastructure Security...
hacking
VMware fixed a critical auth bypass issue in some of its products
VMware addressed a critical authentication bypass vulnerability “affecting local domain users” in multiple products. The virtualization giant warns that a...
Cyph – Cryptographically Secure Messaging And Social Networking Service
Cyph is a cryptographically secure messaging and social networking service, providing an extreme level of privacy combined with best-in-class ease...
Microsoft warns of attacks targeting MSSQL servers using the tool sqlps
Microsoft warns of brute-forcing attacks targeting Microsoft SQL Server (MSSQL) database servers exposed online. Microsoft warns of a new hacking...
Microsoft warns of the rise of cryware targeting hot wallets
Microsoft researchers warn of the rising threat of cryware targeting non-custodial cryptocurrency wallets, also known as hot wallets. Microsoft warns...
ShadowClone – Unleash The Power Of Cloud
Running httpx on 94K References Lithops documentation Free Tiers Cloud Provider Free Allowance Link Google Functions 2 Million invocations, 400,000...
Conti Ransomware gang threatens to overthrow the government of Costa Rica
The Conti ransomware gang is threatening to ‘overthrow’ the new government of Costa Rica after last month’s attack. Last month,...
Experts spotted a new variant of UpdateAgent macOS malware dropper written in Swift
Researchers spotted a new variant of the UpdateAgent macOS malware dropper that was employed in attacks in the wild. Researchers...
Grafiki – Threat Hunting Tool About Sysmon And Graphs
Grafiki is a Django project about Sysmon and graphs, for the time being. In my opinion EventViewer, Elastic and even...
Venezuelan cardiologist accused of operating and selling Thanos ransomware
The U.S. Justice Department accused a 55-year-old Venezuelan cardiologist of operating and selling the Thanos ransomware. The U.S. Justice Department accused...
Vaas – Verdict-as-a-Service SDKs: Analyze Files For Malicious Content
Verdict-as-a-Service (VaaS) is a service that provides a platform for scanning files for malware and other threats. It allows easy...
Over 200 Apps on Play Store were distributing Facestealer info-stealer
Experts spotted over 200 Android apps on the Play Store distributing spyware called Facestealer used to steal sensitive data. Trend Micro researchers...
CISA adds CVE-2022-30525 flaw in Zyxel Firewalls to its Known Exploited Vulnerabilities Catalog
US Critical Infrastructure Security Agency (CISA) adds critical CVE-2022-30525 RCE flaw in Zyxel Firewalls to its Known Exploited Vulnerabilities Catalog....
A custom PowerShell RAT uses to target German users using Ukraine crisis as bait
Researchers spotted a threat actor using a custom PowerShell RAT targeting German users to gain intelligence on the Ukraine crisis....
Kali Linux 2022.2 – Penetration Testing and Ethical Hacking Linux Distribution
Time for another Kali Linux release! – Kali Linux 2022.2. This release has various impressive updates.The summary of the changelog...
BirDuster – A Multi Threaded Python Script Designed To Brute Force Directories And Files Names On Webservers
BirDuster is a Python based knockoff of the original DirBuster. BirDuster is a multi threaded Python application designed to brute...
Apple fixes the sixth zero-day since the beginning of 2022
Apple released security updates to address a zero-day bug actively exploited in attacks against Macs and Apple Watch devices. Apple...
Experts show how to run malware on chips of a turned-off iPhone
Researchers devised an attack technique to tamper the firmware and execute a malware onto a Bluetooth chip when an iPhone...
Chlonium – Chromium Cookie Import / Export Tool
Chlonium is an application designed for cloning Chromium Cookies. From Chromium 80 and upwards, cookies are encrypted using AES-256 GCM,...
Ukrainian national sentenced to 4 years in prison for selling access to hacked servers
A 28-year-old Ukrainian national has been sentenced to four years in prison for selling access to hacked servers. Glib Oleksandr...
Eternity Project: You can pay $260 for a stealer and $490 for a ransomware
Researchers from threat intelligence firm Cyble analyzed the Eternity Project Tor website which offers any kind of malicious code. Researchers...
May 08 – May 14 Ukraine – Russia the silent cyber conflict
This post provides a timeline of the events related to Russia invasion of Ukraine from the cyber security perspective. Below...
Security Affairs newsletter Round 365 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for...
Ukraine CERT-UA warns of new attacks launched by Russia-linked Armageddon APT
Ukraine Computer Emergency Response Team (CERT-UA) reported a phishing campaign conducted by Armageddon APT using GammaLoad.PS1_v2 malware. Ukraine Computer Emergency...
